If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

ATTENTION: Windows 10 users

Beta 2 build is now available!

If you just upgraded to Windows 10 or running build 10240 or greater of Win 10 pre-release you will need to download and install the new version of ZoneAlarm 14.0.157.000

Configuration question, new version ZA+AV free 12.0.104.000

Hi,

after I've done a clean installation, my networks (1 PC + router = Internet/DHCP) are both in the trusted zone.
I'm wondering why this is so.
Before the settings were IP range=internet and DHCP=trusted).

Re: Configuration question, new version ZA+AV free 12.0.104.000

Hi!

this is the default behaviour since sometime. The LAN (your internal network - i.e. 192.168.X.X - 255.255...) and DHCP is set automatically as Trusted. On a new installs, if you are on windows 7 or 8, ZA will take the settings directly from the OS. If you are still on XP, you should get a pop (unless this has changed in version 12).

You may have reduncies in the settings. e.g. if your LAN is set as trusted and your router is managing the DHCP, then the DHCP entry will become redundant as you are already trusting the LAN. And so on....

Re: Configuration question, new version ZA+AV free 12.0.104.000

Hi fax,

thanks for the detailed explanation. Very informative.

I'm on windows 7 so this fits to me.

But I'm just a little unsure if this is cool, because in another not old post I read the statement that setting the internal network as trusted means revealing it to the whole internet thus rendering the firewall almost useless.

Also (if it's for interest) I ran a scan on GRC's shields up, saying some common ports are closed instead of stealth (in the past all were described as stealth. Is it a change of ZA in dealing with solicated TCP packages ?

BTW: I don't want to break a discussion over "closed" is less secure then "stealthed"

Re: Configuration question, new version ZA+AV free 12.0.104.000

Probably there is a misunderstanding, the internal network cannot be reached directly from the network. So, there is no way you are exposing your PCs if you set the LAN as trusted. If instead the network is not a router but a modem then you have indeed a problem as you are directly open to internet.

If at GRC your ports are all closed and not stealthed than it means your router does only NAT (address translation from Internet IPs into 192.168.X.X of your LAN) and does not have a firewall with stealth capability.

So, you router is facing the internet and thats what GRC is testing (not ZA). You should check the router manual if there is any setting for the firewall.

Can you confirm that you have 192.168.X.X type of addresses listed in ZA? Just in case

Re: Configuration question, new version ZA+AV free 12.0.104.000

Originally Posted by fax

Probably there is a misunderstanding, the internal network cannot be reached directly from the network. So, there is no way you are exposing your PCs if you set the LAN as trusted. If instead the network is not a router but a modem then you have indeed a problem as you are directly open to internet.

I'm behind a router (FritzBox).

Originally Posted by fax

If at GRC your ports are all closed and not stealthed than it means your router does only NAT (address translation from Internet IPs into 192.168.X.X of your LAN) and does not have a firewall with stealth capability.

Some, not all ports are closed. Common ports as (0,23,79,1025-1030, 1720 and 50000). I notice that on the last scan e.g. FTP port 21 and DCOM port 1024 was closed and is now stealthed. Maybe somekind of "learning" ?

Originally Posted by fax

So, you router is facing the internet and thats what GRC is testing (not ZA). You should check the router manual if there is any setting for the firewall.

I'll check but there is not much to configure that way I guess. Besides, the UPNP-router check is perfect.

Originally Posted by fax

Can you confirm that you have 192.168.X.X type of addresses listed in ZA? Just in case

Re: Configuration question, new version ZA+AV free 12.0.104.000

Originally Posted by Darklord666

Hi,

after I've done a clean installation, my networks (1 PC + router = Internet/DHCP) are both in the trusted zone.
I'm wondering why this is so.
Before the settings were IP range=internet and DHCP=trusted).

Any recommendations or explanations are appreciated.

Maybe this might help.

A computer can receive its IP address from the DHCP server only when the "Obtain an IP address automatically" option is selected on the computer.

Re: Configuration question, new version ZA+AV free 12.0.104.000

Hi guys !

Thanks for your input. I think I found the cause of the display of closed ports. I was wondering why after each scan on GRC the ports changed and if I choose scan all service ports, it shows a blue diagonal line (means closed) of ports. Strange.

It is neither my router nor ZA who causes this. There seems to be a problem on GRC site to analyze the packets fast enough. There was a recent change there. So packets are not dropped, they are just not recognized. You can read details in the newsgroups there.

So, I guess I live with that and assume, that all ports are stealthed, because this was the result the last time (and all times before) I did the scan on shieldsup! before I re-installed ZA. Silly coincidence that leads me believe the cause to be ZA in first place.

Last edited by Darklord666; November 5th, 2013 at 07:21 AM.
Reason: typos

Re: Configuration question, new version ZA+AV free 12.0.104.000

Yeap, regardless of results at GRC, your router is facing the internet so it is the one been audited. Normally, fritz routers are rather solid so, it is likely, as you suggest, a GRC issue than a problem in your router.